Re: (RADIATOR) Simultaneous-Use/MaxSessions - long

Thu, 14 Oct 1999 18:03:07 -0700 


Hello Dawn -

On Fri, 15 Oct 1999, Dawn Lovell wrote:
> We've had two problems with concurrent login checking that I wanted to run
> by everyone.  We're running 2.13.1 on a mix of Solaris 2.5.1 and Solaris 7
> boxes; we have the snmpget from UCD SNMP (v3.6).  Please pardon my ignorance
> on some of the Radiator configuration options; I haven't actually been
> doing the configuration but am sending this on behalf of the people who
> have.
> 
> We originally had MaxSessions enabled, but it appeared to be having no
> effect.  Below are the (hopefully) relevant parts of the config file.
> We don't use an external session database, BTW.
> 
> LogDir /var/adm/radacct
> DbDir /etc/raddb
> SnmpgetProg /usr/local/bin/snmpget
> ...
> <<Client xxx.xxx.xxx.xxx>
>          Secret  <not shown>
>          NasType Livingston
>          SNMPCommunity <not shown>
>          DupInterval 300
> </Client>
> ...
> <<Realm>
>        <AuthBy FILE>
>        </AuthBy>
>         AcctLogFileName %L/%N/detail
> </Realm>
> <Realm DEFAULT>
>        MaxSessions 1
>        <AuthBy UNIX>
>          Identifier System
>          Filename /etc/shadow
>        </AuthBy>
>        AcctLogFileName %L/%N/detail
> </Realm>
> 

The problem you have is because of the confusion in the configuration file
above. Your trace shows correctly that your request is matching on the <Realm>
clause, however you do not have MaxSessions configured for that realm.

You might try something like this (and I do suggest you run a SessionDatabase,
that way you can use the radwho.cgi script to see what is going on):

# Configuration with a single Realm with MaxSessions
# also configure a SessionDatabase

LogDir /var/adm/radacct
DbDir /etc/raddb
SnmpgetProg /usr/local/bin/snmpget
...

<Client xxx.xxx.xxx.xxx>
        Secret  <not shown>
        NasType Livingston
        SNMPCommunity <not shown>
        DupInterval 300
</Client>
...

<AuthBy UNIX>
        Identifier System
        Filename /etc/shadow
</AuthBy>

<Realm>
        <AuthBy FILE>
                Filename ...
        </AuthBy>
        MaxSessions 1
        AcctLogFileName %L/%N/detail
</Realm>

<SessionDatabase DBM>
        Filename ....
</SessionDatabase>


hth

Hugh


--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
NT, Rhapsody

===
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to